INTEL-SA-00075 Privilege Escalation Vulnerability (CVE2017-5689) Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

INTEL-SA-00075 Privilege Escalation Vulnerability (CVE2017-5689) Scanner Detail

SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Detects if a system with Intel Active Management Technology is vulnerable to the INTEL-SA-00075 privilege escalation vulnerability (CVE2017-5689).

This script determines if a target is vulnerable by attempting to perform digest authentication with a blank response parameter. If the authentication succeeds, a HTTP 200 response is received.

References:

  • https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability

Some Advice for Common Problems

The vendor has issued a fix. A firmware patch matrix is available in the vendor advisory.

The vendor advisory is available at:

  • https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service